package com.neusoft.elmboot.util;

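/**
 * Best-effort text scrubber that strips tag-shaped substrings and SQL-keyword tails
 * from a string.
 *
 * <p><b>Security scope.</b> This is a denylist filter, not an injection defence:
 * <ul>
 *   <li>Both patterns are applied without any flags, so matching is case-sensitive
 *       and limited to the literal keywords and tag shapes listed below.</li>
 *   <li>{@link #SQL_REGX} deletes everything from the first listed keyword through the
 *       end of that line, so ordinary text containing a word such as {@code select}
 *       or {@code count} is truncated.</li>
 *   <li>Every alternative of {@link #RE_HTML_MARK} requires a closing {@code >}, so
 *       only complete {@code <...>} sequences are removed.</li>
 * </ul>
 * Callers should still bind user input through parameterized statements and encode
 * output for the context it is rendered in; this class does not replace either.
 */
public class XSSUtil {
    /** Regex for tag-shaped substrings ({@code <...>}, including closing and self-closing forms). */
    public static final String RE_HTML_MARK = "(<[^<^+]*?>)|(<[^+\\s]*?/[^<^+]*?>)|(<[^<+^]*?/[^+\\s]*?>)";

    /**
     * Regex matching a listed SQL keyword followed by the rest of the line.
     *
     * <p>NOTE(review): {@code trancate} looks like a misspelling of {@code truncate}; as written,
     * {@code truncate} is not in the keyword list. The value is left unchanged here because it is
     * a public constant that other code may reference.
     */
    public static final String SQL_REGX = "((select)|(update)|(delete)|(insert)|(trancate)|(into)|(substr)|(ascii)|(declare)|(exec)|(count)|(master)|(drop)|(execute)).*";

    // Compiled once: String.replaceAll would recompile both expressions on every call.
    private static final java.util.regex.Pattern HTML_MARK_PATTERN =
            java.util.regex.Pattern.compile(RE_HTML_MARK);
    private static final java.util.regex.Pattern SQL_PATTERN =
            java.util.regex.Pattern.compile(SQL_REGX);

    /**
     * Removes all HTML tags while keeping the text between them, then removes any
     * listed SQL keyword together with the remainder of its line.
     *
     * @param content the text to scrub; may be {@code null}
     * @return the text with tags and SQL-keyword tails removed, or {@code null} when
     *         {@code content} is {@code null}
     */
    public static String clean(String content) {
        // A missing value is passed through instead of failing with a NullPointerException.
        if (content == null) {
            return null;
        }
        String withoutTags = HTML_MARK_PATTERN.matcher(content).replaceAll("");
        return SQL_PATTERN.matcher(withoutTags).replaceAll("");
    }

}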
